A new flaw in Linux and Apple-based OS named "Shellshock" has been discovered and experts are saying its effects are even more troublesome for user security than the Heartbleed flaw discovered earlier this year. While major corporations struggle to respond, businesses should research mainframe modernization techniques that keep data private.
Writing for Technology Review, Cesar Cerrudo said that the Shellshock vulnerability (officially known as CVE-2014-6271) may affect millions of users throughout the country. The problem stems from Bash, a "shell" interpreter that can be used by hackers to implement unverified and possibly dangerous code. BASH, which stands for "Bourne Again Shell," is a security hazard for anyone who has access to the internet.
Cerrudo says that Shellshock makes unstable internet connections even more problematic because of how underlying the flaw is. The exploit is only technically an issue in certain situations, but it has wide potential to be exploited.
"Shellshock is dangerous because while Bash is not directly exposed to the Internet, some software that is can make use of Bash internally," he said. "For example, the 'DHCP' software that negotiates your connection to a Wi-Fi network can pass along commands to Bash."
The United States Computer Emergency Readiness Team (US-CERT) has acknowledged the flaw and advised users to seek out patches for their Linux vendors. But even with the patch, there are, according to ZDNet, other related flaws that haven't been patched yet.
This shouldn't prevent any business from successfully spreading their mobile access across different platforms. It just requires a solution that is secure, easy-to-use and standardized. As tech experts seek out a general fix, a modernization plan with fewer vulnerabilities is more desirable.